CryptoDB
Dominique Unruh
Publications
Year
Venue
Title
2021
TCC
Relationships between quantum IND-CPA notions
📺
Abstract
An encryption scheme is called indistinguishable under chosen plaintext attack (short IND-CPA) if an attacker cannot distinguish the encryptions of two messages of his choice. There are other variants of this definition but they all turn out to be equivalent in the classical case.
In this paper, we give a comprehensive overview of these different variants of IND-CPA
for symmetric encryption schemes in the quantum setting.
We investigate the relationships between these notions
and prove various equivalences, implications, non-equivalences, and non-implications between these variants.
2020
PKC
Generic Authenticated Key Exchange in the Quantum Random Oracle Model
📺
Abstract
We propose $$mathsf {FO_mathsf {AKE}}$$ , a generic construction of two-message authenticated key exchange (AKE) from any passively secure public key encryption (PKE) in the quantum random oracle model (QROM). Whereas previous AKE constructions relied on a Diffie-Hellman key exchange or required the underlying PKE scheme to be perfectly correct, our transformation allows arbitrary PKE schemes with non-perfect correctness. Dealing with imperfect schemes is one of the major difficulties in a setting involving active attacks. Our direct construction, when applied to schemes such as the submissions to the recent NIST post-quantum competition, is more natural than previous AKE transformations. Furthermore, we avoid the use of (quantum-secure) digital signature schemes which are considerably less efficient than their PKE counterparts. As a consequence, we can instantiate our AKE transformation with any of the submissions to the recent NIST competition, e.g., ones based on codes and lattices. $$mathsf {FO_mathsf {AKE}}$$ can be seen as a generalisation of the well known Fujisaki-Okamoto transformation (for building actively secure PKE from passively secure PKE) to the AKE setting. As a helper result, we also provide a security proof for the Fujisaki-Okamoto transformation in the QROM for PKE with non-perfect correctness which is tighter and tolerates a larger correctness error than previous proofs.
2020
ASIACRYPT
Post-Quantum Verification of Fujisaki-Okamoto
📺
Abstract
We present a computer-verified formalization of the post-quantum
security proof of the Fujisaki-Okamoto transform (as analyzed by
Hövelmanns, Kiltz, Schäge, and Unruh, PKC 2020). The formalization is
done in quantum relational Hoare logic and checked in the qrhl-tool
(Unruh, POPL 2019).
2019
CRYPTO
Quantum Security Proofs Using Semi-classical Oracles
📺
Abstract
We present an improved version of the one-way to hiding (O2H) Theorem by Unruh, J ACM 2015. Our new O2H Theorem gives higher flexibility (arbitrary joint distributions of oracles and inputs, multiple reprogrammed points) as well as tighter bounds (removing square-root factors, taking parallelism into account). The improved O2H Theorem makes use of a new variant of quantum oracles, semi-classical oracles, where queries are partially measured. The new O2H Theorem allows us to get better security bounds in several public-key encryption schemes.
2013
JOFC
Polynomial Runtime and Composability
Abstract
We devise a notion of polynomial runtime suitable for the simulation-based security analysis of multi-party cryptographic protocols. Somewhat surprisingly, straightforward notions of polynomial runtime lack expressivity for reactive tasks and/or lead to an unnatural simulation-based security notion. Indeed, the problem has been recognized in previous works, and several notions of polynomial runtime have already been proposed. However, our new notion, dubbed reactive polynomial time, is the first to combine the following properties: it is simple enough to support simple security/runtime analyses,it is intuitive in the sense that all intuitively feasible protocols and attacks (and only those) are considered polynomial-time,it supports secure composition of protocols in the sense of a universal composition theorem. We work in the Universal Composability (UC) protocol framework. We remark that while the UC framework already features a universal composition theorem, we develop new techniques to prove secure composition in the case of reactively polynomial-time protocols and attacks.
Program Committees
- Crypto 2021
- Crypto 2020
- Asiacrypt 2018
- Eurocrypt 2018
- Crypto 2017
- Asiacrypt 2017
- Eurocrypt 2016
- Asiacrypt 2016
- Asiacrypt 2015
- Eurocrypt 2014
- PKC 2014
- Crypto 2012
- TCC 2011
Coauthors
- Andris Ambainis (1)
- Michael Backes (3)
- Tore V. Carstens (1)
- Markus Dürmuth (1)
- Ehsan Ebrahimi (1)
- Sanjam Garg (1)
- Mike Hamburg (1)
- Dennis Hofheinz (4)
- Kathrin Hövelmanns (1)
- Eike Kiltz (1)
- Jörn Müller-Quade (6)
- Vanishree Rao (1)
- Amit Sahai (1)
- Sven Schäge (1)
- Dominique Schröder (3)
- Gelo N. Tabia (1)
- Ehsan Ebrahimi Targhi (1)